![Rising USDT Phishing, Zimbra Credential Targeting, UAE Phishing Surge – Cybersecurity News [ August 21, 2023]](https://www.phishprotection.com/wp-content/uploads/2023/08/phishing-prevention-3.jpg)
Listen to this blog post below
Here are the latest updates in the realm of digital safety, specifically the weekly phishing news and emerging online threats information. Stay informed in order to strengthen your defenses against phishing attacks with the added layer of phishing protection.
Escalating Phishing Attacks: Scammers Pocket $675,000 via USDT Approval Phishing Scams
Recent reports highlight a concerning trend as scammers made off with a substantial sum of $675,000 along with seven distinct NFTs (Non-Fungible Tokens), notably including prized possessions from the ‘Mutant Ape Yacht Club.’
PeckShield, a prominent name in blockchain security, has brought to light this particularly concerning case where a scam artist stole over $675,000 in just five days. These incidents occurred as two phishing attacks that have set off alarm bells among digital security experts.
The modus operandi of these crypto scammers involves many tactics, with deceptive airdrops being one of their preferred methods to lay hands on individuals’ digital assets. The scam revolves around an ingenious move wherein unsuspecting victims were manipulated into granting unrestricted spending permission for USDT.
Given these incidents, PeckShield strongly advises users to reconsider and revoke their USDT spending permissions.
Image sourced from thinksetmag.com
Persistent Phishing Scams Aim for Zimbra Credentials
ESET experts found an ongoing malicious campaign wherein threat actors target users of Zimbra collaboration software. Started in April 2023, it aims to steal Zimbra login credentials.
Threat actors send emails pretending to be from server administrators, mentioning updates or problems. They include a malicious link in an HTML file attachment, leading to a fake Zimbra login. Sometimes, they use compromised Zimbra accounts to send more fake emails.
The stolen login credentials go to the threat actors’ server. Though the trick isn’t highly sophisticated, it works because numerous groups use Zimbra. These malicious actors go after small businesses and governments, mainly in Poland, Ecuador, and Italy.
In this case, adversaries only use social engineering methods to fool individuals. However, they may explore other pathways too. In March 2023, a malicious group called Winter Vivern targeted prominent users, and in February 2022, a group called TEMP_Heretic stole emails by exploiting vulnerabilities in Zimbra.
Sharp 77% Surge in Phishing Email Campaigns in the UAE During the Previous Quarter
The UAE witnessed a significant rise in phishing emails during the Q2 of 2023. Deceitful phishing email campaigns surged by 77% compared to the previous quarter, as per a report from Kaspersky.
The sudden upsurge suggests that the tactics used by scammers are getting smarter. Kaspersky identified four main methods these phishing emails employ in the Middle East, Turkey, and Africa regions. These methods include emails about undelivered packages, messages asking for personal details, promises of free money, and alerts about unusual email logins.
The above are simple social engineering tricks to manipulate the victim’s mind. These phishing threats might also come with malware and ransomware attachments that can harm individuals and businesses significantly.
You should be cautious when interacting with unsolicited emails, as a single wrong click can lead you to severe consequences.
Hacking Forum Exposes Data of 2.6 Million DuoLingo Users Obtained Through Scraping
Data from 2.6 million DuoLingo users was leaked on a malicious forum, giving threat actors the chance to target people through phishing.
DuoLingo is a prominent language education provider with monthly user traffic of 74 million. In January 2023, an unknown threat actor sold the scraped data of 2.6 million DuoLingo users on a forum that is now closed. The data included public names and email addresses, with the threat actors asking $1,500 for the dataset.
Even though DuoLingo said the data came from public info, they didn’t explain the email addresses involved in the incident though they don’t belong to public information. The stolen data was recently posted on a different forum for a lower price.
A similar case happened with Facebook, resulting in a huge penalty, and recently with Twitter.
The incident underscores the urgent need for robust cybersecurity measures to counteract threats like phishing. As seen in this breach and similar cases involving major platforms, the compromise of private data carries far-reaching consequences.